Is Fortisoar Paas affected by EUVD-2026-22329?

FortiSOAR versions 7.5.0-7.5.2 and 7.6.0-7.6.3 contain an authentication bypass vulnerability that allows attackers on the network to replay intercepted two-factor authentication tokens, potentially gaining unauthorized access to security orchestration and incident response systems.

EUVD-2026-22329

| CVE-2026-23708 HIGH

2026-04-14 fortinet

GHSA-6p3p-h3vc-6rh5

Fortinet Authentication Bypass Fortisoar Paas Fortisoar On Premise

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 14, 2026 - 17:02 vuln.today

Severity Changed

Apr 14, 2026 - 16:22 NVD

MEDIUM HIGH

CVSS Changed

Apr 14, 2026 - 16:22 NVD

6.7 (MEDIUM) 7.5 (HIGH)

DescriptionNVD

A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration, which raises the attack complexity.

AnalysisAI

Authentication bypass in Fortinet FortiSOAR allows unauthenticated remote attackers to circumvent two-factor authentication (2FA) protections via replay attacks against intercepted authentication tokens. Affects both PaaS and on-premise deployments of FortiSOAR versions 7.5.0-7.5.2 and 7.6.0-7.6.3. …

RemediationAI

Within 24 hours: Identify all FortiSOAR instances in use and document versions and deployment type (PaaS or on-premise); implement network segmentation to restrict access to FortiSOAR management interfaces to trusted security personnel only. Within 7 days: Contact Fortinet support for fixed version availability timeline; plan upgrade testing in isolated environment. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-22329 vulnerability details – vuln.today

Back

EUVD-2026-22329

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code